Q1. Refer to the following access list.
access-list 100 permit ip any any log
After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this?
A. A packet that matches access-list with the "log" keyword is Cisco Express Forwarding switched.
B. A packet that matches access-list with the "log" keyword is fast switched.
C. A packet that matches access-list with the "log" keyword is process switched.
D. A large amount of IP traffic is being permitted on the router.
Answer: C
Explanation:
Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the
network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can
negatively affect other functions of the network device. There are two primary factors that contribute to the
CPU load increase from ACL logging: process switching of packets that match log-enabled access control
entries (ACEs) and the generation and transmission of log messages. Reference: http://www.cisco.com/
web/about/security/intelligence/acl-logging.html#4
Q2. You have been asked to evaluate how EIGRP is functioning in a customer network.
What is the advertised distance for the 192.168.46.0 network on R1?
A. 333056
B. 1938688
C. 1810944
D. 307456
Answer: C
Explanation:
Q3. Which protocol uses dynamic address mapping to request the next-hop protocol address for a specific connection?
A. Frame Relay inverse ARP
B. static DLCI mapping
C. Frame Relay broadcast queue
D. dynamic DLCI mapping
Answer: A
Explanation:
Dynamic address mapping uses Frame Relay Inverse ARP to request the next-hop protocol address for a
specific connection, given its known DLCI. Responses to
Inverse ARP requests are entered in an address-to-DLCI mapping table on the router or access server; the
table is then used to supply the next-hop protocol
address or the DLCI for outgoing traffic.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/wan/configuration/guide/fwan_c/wcffrely.html
Q4. A network administrator uses IP SLA to measure UDP performance and notices that packets on one router have a higher one-way delay compared to the opposite direction. Which UDP characteristic does this scenario describe?
A. latency
B. starvation
C. connectionless communication
D. nonsequencing unordered packets
E. jitter
Answer: A
Explanation:
Cisco IOS IP SLAs provides a proactive notification feature with an SNMP trap. Each measurement
operation can monitor against a pre-set performance threshold.
Cisco IOS IP SLAs generates an SNMP trap to alert management applications if this threshold is crossed.
Several SNMP traps are available: round trip time, average jitter, one-way latency, jitter, packet loss, MOS, and connectivity tests.
Here is a partial sample output from the IP SLA statistics that can be seen:
router#show ip sla statistics 1
Round Trip Time (RTT) for Index 55
Latest RTT: 1 ms
Latest operation start time: *23:43:31.845 UTC Thu Feb 3 2005 Latest operation return code: OK
RTT Values:
Number Of RTT: 10 RTT Min/Avg/Max: 1/1/1 milliseconds Latency one-way time:
Number of Latency one-way Samples: 0
Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds Destination to Source Latency
one way Min/Avg/Max: 0/0/0 milliseconds
Reference:
http://www.cisco.com/en/US/technologies/tk648/tk362/tk920/technologies_white_paper09186a0
0802d5efe.html
Q5. Which encapsulation supports an interface that is configured for an EVN trunk?
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay
E. MPLS
F. HDLC
Answer: A
Explanation:
Restrictions for EVN
An EVN trunk is allowed on any interface that supports 802.1q encapsulation, such as Fast Ethernet,
Gigabit Ethernet, and port channels.
A single IP infrastructure can be virtualized to provide up to 32 virtual networks end-to-end.
If an EVN trunk is configured on an interface, you cannot configure VRF-Lite on the same interface.
OSPFv3 is not supported; OSPFv2 is supported.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/evn/configuration/xe-3s/evn-xe-3s- book/evnoverview.Pdf
Q6. Refer to the following output:
Router#show ip nhrp detail
10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12, expire 01:59:47
TypE. dynamic, Flags: authoritative unique nat registered used
NBMA address: 10.12.1.2
What does the authoritative flag mean in regards to the NHRP information?
A. It was obtained directly from the next-hop server.
B. Data packets are process switches for this mapping entry.
C. NHRP mapping is for networks that are local to this router.
D. The mapping entry was created in response to an NHRP registration request.
E. The NHRP mapping entry cannot be overwritten.
Answer: A
Explanation:
Show NHRP: Examples
The following is sample output from the show ip nhrp command:
Router# show ip nhrp
10.0.0.2 255.255.255.255, tunnel 100 created 0:00:43 expire 1:59:16 Type: dynamic Flags: authoritative
NBMA address: 10.1111.1111.1111.1111.1111.1111.1111.1111.1111.11 10.0.0.1 255.255.255.255,
Tunnel0 created 0:10:03 expire 1:49:56 Type: static Flags: authoritative NBMA address: 10.1.1.2 The
fields in the sample display are as follows:
The IP address and its network mask in the IP-to-NBMA address cache. The mask is always
255.255.255.255 because Cisco does not support aggregation of NBMA information through NHRP.
The interface type and number and how long ago it was created (hours:minutes:seconds).
The time in which the positive and negative authoritative NBMA address will expire
(hours:minutes:seconds). This value is based on the ip nhrp holdtime
command.
Type of interface:
dynamic--NBMA address was obtained from the NHRP Request packet.
static--NBMA address was statically configured.
Flags:
authoritative--Indicates that the NHRP information was obtained from the Next Hop Server or router that
maintains the NBMA-to-IP address mapping for a particular destination. Reference: http://www.cisco.com/
c/en/us/td/docs/ios/12_4/ip_addr/configuration/guide/hadnhrp.html
Q7. Refer to the exhibit. Which statement about the configuration is true?
A. 20 packets are being sent every 30 seconds.
B. The monitor starts at 12:05:00 a.m.
C. Jitter is being tested with TCP packets to port 65051.
D. The packets that are being sent use DSCP EF.
Answer: A
Explanation:
Q8. You have been asked to evaluate how EIGRP is functioning in a customer network.
Traffic from R1 to R61 s Loopback address is load shared between R1-R2-R4-R6 and R1-R3-R5-R6 paths. What is the ratio of traffic over each path?
A. 1:1
B. 1:5
C. 6:8
D. 19:80
Answer: D
Explanation:
Q9. Which traffic characteristic is the reason that UDP traffic that carries voice and video is assigned to the queue only on a link that is at least 768 kbps?
A. typically is not fragmented
B. typically is fragmented
C. causes windowing
D. causes excessive delays for video traffic
Answer: A
Explanation:
Q10. For troubleshooting purposes, which method can you use in combination with the “debug ip packet” command to limit the amount of output data?
A. You can disable the IP route cache globally.
B. You can use the KRON scheduler.
C. You can use an extended access list.
D. You can use an IOS parser.
E. You can use the RITE traffic exporter.
Answer: C
Explanation:
The debug ip packet command generates a substantial amount of output and uses a substantial amount of
system resources. This command should be used with caution in production networks. Always use with the access-list command to apply an extended ACL to the debug output. Reference: http://www.cisco.com/c/en/us/support/docs/security/dynamic-multipoint-vpn-dmvpn/111976-dmvpn-troubleshoot-00.html